Re: [lime-dev] the upcoming release

Hi! On Wed, Jun 14, 2017 at 03:30:05PM +0200, Pau wrote: Thanks for merging, it works in production here now and seems to do the job pretty well. The next thing which is burning on my heart is https://github.com/libremesh/lime-packages/pull/160 Because I really want the stock firewall on nodes which are exposed to the public Internet (ie. v4 gateways as well as *all* v6 nodes on a public prefix). Generally, I believe that everything can be done nicely with fw3 and it's much better integrated into the OpenWrt-ecosystem than using 'raw' ip(6)tables calls. I also know the fw3 codebase pretty well, so whatever 'strange behaviour' you are experiencing I can probably help fixing it. Regarding bmx6 prefix delegation: I'll have a small hackathon with Axel in Berlin in mid-June, hoping to get all the netifd/ubus events right on both ends and fully integrate bmx6 with netifd, similar to how homenet/babel is working already. I have also been notified that most major (Cable) ISPs over here can be asked to reconfigure their gateway devices to delegate a single /56 instead of many /64 prefixes to connected routers downstream. For xDSL and ftth we can replace the original CPEs more easily as there are plenty VDSL2-capable devices which run OpenWrt/LEDE natively and most ftth services simply use a media-converter equipped with a 1000BASE-LX10 or GPON SFP on one and 1000BASE-T on the other side. Hence any gigabit Ethernet capable router can be used as a gateway and we can decide freely what to do with the /56 prefix (e.g. dynanically assign /64 prefixes to bmx6/7 tun interfaces). This is great news as it will allow for a good compromise regarding https://github.com/libremesh/lime-packages/pull/71 (which I'm going to prepare now during this afternoon) Cheers Daniel